Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Eccouncil Exam 712-50 Topic 6 Question 103 Discussion

Actual exam question for Eccouncil's 712-50 exam
Question #: 103
Topic #: 6
[All 712-50 Questions]

SCENARIO: Critical servers show signs of erratic behavior within your organization's intranet. Initial information indicates the systems are under attack from an outside entity. As the Chief Information Security Officer (CISO), you decide to deploy the Incident Response Team (IRT) to determine the details of this incident and take action according to the information available to the team.

In what phase of the response will the team extract information from the affected systems without altering original data?

Show Suggested Answer Hide Answer
Suggested Answer: C

by Ronna at Mar 04, 2025, 05:19 AM

Limited Time Offer

25%

Off

Get Premium 712-50 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Niesha
1 days ago
I'm going with B) Investigation. That's where the real detective work happens, and you can't afford to mess it up by accidentally changing the evidence. Unless, of course, you're secretly the culprit and want to cover your tracks. Just joking, just joking!
upvoted 0 times
...
Taryn
3 days ago
B) Investigation makes the most sense here. You need to extract information without altering the original data to understand what's happening and how to respond effectively. Anything else would just be guesswork.
upvoted 0 times
...
Truman
5 days ago
I believe it's important to not alter original data during the Investigation phase to preserve evidence for analysis.
upvoted 0 times
...
Yuriko
7 days ago
The answer is clearly B) Investigation. That's when the team will gather and analyze the evidence without modifying the original data. I've seen this in my training, and it's crucial for preserving the integrity of the investigation.
upvoted 0 times
...
Leota
8 days ago
I agree with Salina, in the Investigation phase, they gather information without altering data.
upvoted 0 times
...
Salina
11 days ago
I think the team will extract information in the Investigation phase.
upvoted 0 times
...

Save Cancel